一、何为coredump
-
coredump叫做核心转储,也就是当Linux应用发生崩溃时,操作系统会自动生成coredump文件,供开发者调试使用,比如发生了段错误(segfault)。
-
当应用发生一些错误导致crash时,内核会为应用发送信号(signal),应用可以去做一些crash信息收集(比如寄存器,堆栈等),同时操作系统也会生成核心转储文件,也就是常说的core文件。
-
并不是所有信号都会生成coredump,通过
man 7 signal
查看,主要包括(SIGSEGV, SIGABRT, SIGFPE, SIGILL, SIGBUS, SIGTRAP)如下:First the signals described in the original POSIX.1-1990 standard. Signal Value Action Comment ────────────────────────────────────────────────────────────────────── SIGHUP 1 Term Hangup detected on controlling terminal or death of controlling process SIGINT 2 Term Interrupt from keyboard SIGQUIT 3 Core Quit from keyboard SIGILL 4 Core Illegal Instruction SIGABRT 6 Core Abort signal from abort(3) SIGFPE 8 Core Floating-point exception SIGKILL 9 Term Kill signal SIGSEGV 11 Core Invalid memory reference SIGPIPE 13 Term Broken pipe: write to pipe with no readers; see pipe(7) SIGALRM 14 Term Timer signal from alarm(2) SIGTERM 15 Term Termination signal SIGUSR1 30,10,16 Term User-defined signal 1 SIGUSR2 31,12,17 Term User-defined signal 2 SIGCHLD 20,17,18 Ign Child stopped or terminated SIGCONT 19,18,25 Cont Continue if stopped SIGSTOP 17,19,23 Stop Stop process SIGTSTP 18,20,24 Stop Stop typed at terminal SIGTTIN 21,21,26 Stop Terminal input for background process SIGTTOU 22,22,27 Stop Terminal output for background process The signals SIGKILL and SIGSTOP cannot be caught, blocked, or ignored. Next the signals not in the POSIX.1-1990 standard but described in SUSv2 and POSIX.1-2001. Signal Value Action Comment ──────────────────────────────────────────────────────────────────── SIGBUS 10,7,10 Core Bus error (bad memory access) SIGPOLL Term Pollable event (Sys V). Synonym for SIGIO SIGPROF 27,27,29 Term Profiling timer expired SIGSYS 12,31,12 Core Bad system call (SVr4); see also seccomp(2) SIGTRAP 5 Core Trace/breakpoint trap SIGURG 16,23,21 Ign Urgent condition on socket (4.2BSD) SIGVTALRM 26,26,28 Term Virtual alarm clock (4.2BSD) SIGXCPU 24,24,30 Core CPU time limit exceeded (4.2BSD); see setrlimit(2) SIGXFSZ 25,25,31 Core File size limit exceeded (4.2BSD); see setrlimit(2)
二、怎么打开coredump
要让系统生成core文件,需要做以下操作:
- ulimit -c unlimited (必选)
- 设置core文件大小,unlimited代表无穷大
- 临时的操作,当前shell生效,重启或新开终端无效,除非写到.bashrc里
- sudo service apport stop (必选)
- 关闭ubuntu系统崩溃上报,否则不会生成核心转储
- 临时的操作,重启失效,若要永久操作,需要修改
/etc/default/apport
,修改为enabled=0
- 修改core文件样式 (可选)
- 不修改的话默认core
- echo “core.%p.%e” > /proc/sys/kernel/core_pattern, 具体命名规则详见
man 5 core
三、怎么进行调试
使用gdb即可进行调试,调试指令为gdb {app} {core}
,gdb常用技巧如下:
- (gdb)bt
- backtrace 堆栈信息, 显示所有的函数调用栈帧的信息,每个帧一行
- (gdb) bt full
- backtrace 堆栈信息, 显示栈中所有帧的完全信息如:函数参数,本地变量
- (gdb)thread apply all bt
- 所有线程都打印栈桢
- (gdb) set logging on
- 堆栈保存到gdb.txt
本文介绍的是最原始的coredump生成方式,纯手动形式,下篇将介绍更现代化的coredump管理工具。